Med Device Culture Shift: Designing to Expect an Attack

The reason is simple. Because connected devices are somewhat new to the industry, cybersecurity is a new concept as well – one that typically falls outside the wheelhouse of the device manufacturer. To be sure, much education is still required to help get device manufacturers up to speed. But what is really needed is a culture shift across the industry.

Here’s why.

What’s at Stake

The rise in connected medical devices has substantial benefits for patients and end users. However, there are also substantial, and rising, risks. Hackers can compromise:

Patient safety

Patient data

Business profitability

Brand reputation

The vast majority of cybercrimes are crimes of opportunity. And, unfortunately, there is plenty of opportunity in the medical device community.

The Traditional Culture: Designing to Prevent Patient Harm

Device manufacturers want to create devices that are safe and easy to use. These companies are great about understanding how their devices work, and what potential risks and opportunities for harm exist within the use of that product. Their design teams work around these models to design a product that is safe to the end user.

What’s that mean? It means they will design around intended-use cases and provide some basic protection against misuse. The problem with this approach, however, is that it assumes the user is going to be using that device in its intended manner.

What happens if the device is used in unintended ways?

The Emerging Threats: Expanding the Definition of Patient Harm

As technology advances, so must our definition of a “safe” device.

The challenge facing today’s medical device manufacturers is that the definition of patient harm is expanding, both exponentially and rapidly. Hackers are introducing new ways to harm users of medical devices by stealing patient data, holding data for ransom, holding a device and its user hostage, or using a connected device as a pivot point into a larger network.

It’s no longer only about ensuring that our devices won’t harm someone, but also that our devices can’t be hacked and used to harm users or hospitals.

Many companies simply aren’t great about predicting or expecting these scenarios. The reality is that, to protect against these threats, we must design differently.

The Solution: Security Engineering

So, how does a company go about changing their culture to design devices that protect against all types of patient harm?

In traditional programming, you design a device for a specific use to work within a specific environment. Engineers assume that the environment in which their device will operate is safe—that nothing in the environment will attack or infiltrate the device. That type of programming opens the door to all sorts of vulnerabilities.

Engineers today must design defensively, under the assumption that their device will be placed in hostile environments.

This type of programming empowers designers to think critically throughout every stage of the product development process. Each decision about connectivity, integrations, data transfer, usability and software updates must undergo a threat profile. Engineers should ask how each design decision opens their device to risk or defends against potential threats.

Additionally, engineers must assume that the network their device will connect to will be compromised, and that there is someone out there who is actively trying to compromise their device.

How are you building redundancies and protocols into your device to protect against these threats?

How to Design Defensively

The challenge for many device manufacturers is that they are design experts, not cybersecurity experts.

Most companies don’t have the resources, bandwidth, or time to add this talent to their design team. Complicating the issue is the reality that cyber threats to the medical community are growing in frequency and severity. This can be an overwhelming feeling for manufacturers.

It makes sense to partner with cybersecurity experts — those who are actively involved in monitoring and identifying threats, and understanding how those threats are exploited.